Abstract — An unobservable false data injection (FDI) attack on AC state estimation (SE) is introduced and its consequences on the physical system are studied. With a focus on understanding the physical consequences of FDI attacks, a bi-level optimization problem is introduced whose objective is to maximize the physical line flows subsequent to an FDI attack on DC SE. The maximization is subject to constraints on both attacker resources (size of attack) and attack detection (limiting load shifts) as well as those required by DC optimal power flow (OPF) following SE. The resulting attacks are tested on a more realistic non-linear system model using AC state estimation and ACOPF, and it is shown that, with an appropriately chosen sub-network, the attacker can overload transmission lines with moderate shifts of load.

Index Terms — false data injection, state estimation, optimization, vulnerability analysis.

I. Introduction 

WITH the increasing integration of real-time monitoring, sensing, control, and communication, electric power systems are becoming increasingly efficient and controllable. However, the tight integration also makes the system more vulnerable to cyber attacks with potentially serious physical consequences. Therefore, assessment and evaluation of possible attacks and their consequences before an actual attack happens is extremely instructive to the utilities: procedures for detecting potential attack incidents are an important supplement to the secure operation of the power system.

There is much interest in studying cyber attacks on the electric power system. This includes attacks on system states [?], system topology [7], [8], generator dynamics [?], and energy markets [?]–[12]. While several classes of cyber attacks have been identified, the consequences of such attacks on the electric power system are less understood. It is this aspect that we focus on in this paper. To this end, we introduce a class of false data injection (FDI) attacks on AC state estimation (SE) designed to cause physical line overflows. In fact, such an attack can potentially lead to cascading failures, since a sustained attack can ensure that the physical line overflow is not detected through the cyber measurements.

A. Contributions 

The contributions of this paper are two-fold. First, we introduce a sophisticated unobservable attack on AC state estimation that takes into account the sequential data processing functionalities in the cyber layer of the electric power system (see Fig. 1). Our attack models a sophisticated attacker with access to measurements in a small sub-network and with the intention of creating significant changes to the physical network that can have potentially damaging consequences if undetected. Enabling physical consequences requires the attacker to change measurements in a way that leads to redispatch and, eventually, line overloads. To this end, we formulate a bi-level attack optimization problem with the objective of causing a physical line overflow via an unobservable attack on AC state estimation subject to constraints on: (i) the number of meters to attack (limited resources constraint) and (ii) load shifts (to limit operator detection). Since a line overflow requires modeling the system-level redispatch subsequent to the attack, our optimization problem has embedded in it a second-level redispatch optimization problem. The second contribution of our work is to highlight the consequences of our proposed attack on a non-linear system model with AC SE and ACOPF. We use the optimal attack vector obtained from our optimization problem to do so. We show that our attack model can successfully lead to line overflows for an RTS-24-bus system with moderate load shifts and attack sizes.

B. State of the Art 

FDI attacks have gained much interest in the literature starting from Liu et al.'s work on unobservable attacks on DC SE [1]. Their work shows that an attacker can change the system state without being detected by the bad data detection algorithm within SE if the attack vector is chosen judiciously to mimic typical SCADA measurements. Kosut et al. discuss the trade-off between maximizing estimation error at the control center and minimizing detection probability of the attack [?].

For attacks restricted to a sub-network of the system network graph, the authors in [?] introduce an algorithm to determine an attack subgraph and show that such a sub-network must be bounded by buses with injections. Furthermore, the authors also show that a sophisticated attack using AC SE requires the attacker to estimate the system states for its subgraph. Recently, in [14], we built upon [13] to introduce an AC attack restricted to a subgraph and showed that it suffices for the attacker to perform local SE to launch an unobservable attack.

In this paper we extend [14] to study attack consequences. To this end, we use an attack subgraph and determine the optimal attack via a bi-level optimization problem. Bi-level optimization problems in the context of attacks are considered in [?]–[?]. In all cases, the optimization problems include both the attacker's goal (unobservable attack on DC SE) as well as the ensuing system response (OPF), leading to a bi-level optimization problem. However, the goal of the optimization in the aforementioned papers is to increase the operating costs for the system. While costs are relevant to electric power system operation, cyber attacks with physical consequences can be more damaging.

The optimization problems in [?] and [?] take into account the fact that FDI attacks lead to an inevitable load shift at the buses in the subgraph and include a constraint on the load shift magnitude to limit detection. In this paper, we take this a step further and restrict not only the load shift magnitude but also the size of the attack subgraph, to simultaneously model the observability and limited resources constraints.

The remainder of this paper is organized as follows. Sec. II introduces the general system and attack model. Sec. III discusses the different attack strategies for unobservable attacks. Sec. IV presents a bi-level optimization formulation to identify the worst-case overflow attack. Sec. V presents and analyzes the numerical results for a test system. Sec. VI draws the conclusions of this paper and presents directions for future work.


II. Problem formulation: system and attack model

A. Temporal nature of processing in the grid

Fig. 1 illustrates the temporal nature of processing in the grid and the attack model. Assume a system with $n_b$ buses, $n_{br}$ branches, and $n_g$ generators. The active and reactive load at each bus are represented by $P_L$ and $Q_L$, respectively. The measurements and the estimated measurement residue are denoted as $z$ and $r$, respectively. In the bad data detector, $\tau$ is the residue threshold and $x = [V, \theta]^T$ is the system state, where $V$ is the bus voltage magnitude and $\theta$ is the bus voltage angle. The function $h(\cdot)$ denotes the non-linear function that gives the measurements; this function depends only on the system topology. Estimated values are denoted with a hat, e.g. $\hat{x}$, $\hat{V}$, $\hat{\theta}$.

As shown in Fig. 1, the generation dispatch control decisions made at the control center depend on the noisy measurements provided by the SCADA system. If these measurements are corrupted by an attacker and pass the bad data detector, they can directly influence the control decisions for the next time interval. Since the process occurs in the same manner for each time $t$, we drop the functional dependence on $t$ for the rest of this section. The major blocks shown in Fig. 1 are discussed in detail in the following subsections.


B. Measurements 

The AC measurement model follows the non-linear relationship

$$ z = h(x) + e, \qquad (1) $$

where $z$, $e$ and $x$ are $m \times 1$, $m \times 1$ and $n \times 1$ vectors with entries $z_i$, $e_i$ and $x_k$, respectively, $i \in \{1, \dots, m\}$ and $k \in \{1, \dots, n\}$. $z_i$ is the $i$-th measurement of the system: line power flows, bus voltage and line current magnitudes, etc. $e_i$ is the measurement error, assumed to be independent and Gaussian distributed with zero mean and variance $\sigma_i^2$.


C. State estimation 

As illustrated in Fig. 1, all raw measurements are first passed through an observability check. If there are enough measurements, the system is observable; otherwise, the system is divided into several observable islands.

State estimation is used to determine the most likely state of the system given the available noisy measurements. In AC state estimation, the state variables are obtained by solving a least squares problem with the objective function [18]

$$ \hat{x} = \arg\min_{x} J(x) = (h(x) - z)^T R^{-1} (h(x) - z), \qquad (2) $$

where $R = \mathrm{diag}\{\sigma_1^2, \sigma_2^2, \dots, \sigma_m^2\}$ and $\hat{x} = [\hat{V}, \hat{\theta}]^T$ is the estimated state.

Subsequent to SE, the bad data detector filters noisy measurements and guarantees the accuracy of the estimate using a $\chi^2$ test.


D. AC and DC optimal power flow 

The AC optimal power flow (OPF) takes the following form:

$$
\begin{aligned}
&\underset{x}{\text{minimize}} \quad f(P_G) && (3)\\
&\text{subject to} \quad G(x) = 0 && (4)\\
&\qquad\qquad\quad\; F(x) \le 0 && (5)\\
&\qquad\qquad\quad\; x^{\min} \le x \le x^{\max}
\end{aligned}
$$

where $f(\cdot)$ is the generation cost function and $x = [V, \theta, P_G, Q_G]^T$ is the variable of the optimization problem. The inequality constraint, i.e. the line thermal limits, is denoted as $F$ and the equality constraint, i.e. the nodal power balance, is denoted as $G$. Both $F$ and $G$ are non-linear constraints, since both active and reactive power are involved.

DCOPF approximates $G$ and $F$ around $V = 1$, $\theta = 0$ by their first-order Taylor expansion:

$$
\begin{aligned}
&\underset{\theta,\, P_G}{\text{minimize}} \quad f(P_G) && (6)\\
&\text{subject to} \quad -H_1 \theta + P_G - P_L = 0 && (7)\\
&\qquad\qquad\quad\; -P^{\max} \le H_2 \theta \le P^{\max} && (8)\\
&\qquad\qquad\quad\; P_G^{\min} \le P_G \le P_G^{\max}
\end{aligned}
$$

where

• $H_1$ is the matrix of dependencies between power injection and state $\theta$.

• $H_2$ is the matrix of dependencies between branch power flow and state $\theta$.

• $P^{\max}$ is the thermal limit.

• $P_G^{\min}$ and $P_G^{\max}$ are the generator capacity lower and upper limits, respectively.
Figure 1. Illustration of temporal processing of the grid and attack model.


E. Attack model

We first assume that the attacker has the following capabilities:

1) The attacker has access to all measurements and topology information of a small area $S$ bounded by buses. The set of all measurement indices in $S$ is denoted as $I_S$ and the set of all state indices in $S$ is denoted as $\mathcal{K}_S$.

2) The attacker can change or replace all measurements in $S$.

3) The attacker has computational capability.

As discussed in [14], according to [?], suppose the measurement prior to the attack is $z_i = h_i(x) + e_i$; the general attack model changes the measurement $z_i$ to $z_i^{(a)}$ such that

$$
z_i^{(a)} = \begin{cases} z_i & \text{if } i \notin I_S \\ \bar{z}_i & \text{if } i \in I_S \end{cases} \qquad (9)
$$

where $\bar{z}_i$ is chosen by the attacker.


III. Attack strategy 


A. Unobservable attack

Definition 1. An attack is unobservable for a measurement model $h(\cdot)$ if, in the absence of measurement noise, there exists a $c \ne 0$ such that $z_i^{(a)} = h_i(x + c)$ for all $i$.

Therefore, for the attacker to execute an unobservable attack, again assuming no measurement noise, (9) becomes

$$
z_i^{(a)} = \begin{cases} z_i & \text{if } i \notin I_S \\ h_i(x + c) & \text{if } i \in I_S. \end{cases} \qquad (10)
$$

From (10), if the state $x_k$ is required to compute $h_i(x)$ for any $i \notin I_S$, then for any unobservable attack the corresponding $k$-th entry in the attack vector must satisfy $c_k = 0$.


That is, for an attack region $S$, not all the bus states in it can be changed. The attack region must be bounded by a set of buses without state changes but with measurement changes. To identify such a collection of one or more buses in $S$, we first distinguish between two types of buses based on the presence of load. We henceforth identify buses with load as load buses; $\mathcal{K}_{load}$ denotes the indices of the load buses. An attacker can attack either type of bus. However, since the injections of non-load buses are known to the control center, attacking a non-load bus implies that the measurements at the closest load buses also need to be changed to ensure that the nodal power balance is maintained. In [13], a method is introduced to identify a subgraph of the network that allows an attacker to perform an unobservable attack. We use a similar method, summarized as follows. Let $k$ be a target load bus; the corresponding single-target-bus attack subgraph $S_k$ is constructed by the following steps:

1) Include bus $k$ in $S_k$.

2) Extend $S_k$ from bus $k$ by including all buses and branches that are connected to bus $k$.

3) If there is a non-load bus on the boundary of $S_k$, extend $S_k$ to include all adjacent buses of such a boundary bus.

4) Repeat 3) until all buses on the boundary are load buses or $S_k$ cannot be extended any more.

The steps above give an attack subgraph that includes the target load bus and is bounded by load buses. Fig. 2 shows two simple examples of single-target-bus attack subgraphs. The choice of the final attack subgraph $S$, however, can be a union of several single-target-bus attack subgraphs:

$$ S = \bigcup_{k:\; c_k \ne 0,\; k \in \mathcal{K}_{load}} S_k. \qquad (11) $$

This choice of attack subgraph results in estimated load changes at all load buses within $S$ while the net load of the system is unchanged.

Figure 2. Examples of single-target-bus attack subgraphs. Fig. 2a shows the subgraph with target bus 1 and Fig. 2b shows the subgraph with target bus 2.
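The subgraph construction of steps 1)–4) and the union in (11), as an added example that is not code from the paper: it runs on a constructed 7-bus graph (bus 3 is the only non-load bus; all adjacency and load assignments are assumptions) and reports, for every load bus, how large the measurement region $S_k$ is and which load buses bound it, which is what an operator needs in order to judge how far a compromised measurement area could reach and which boundary load-bus injections would have to be cross-checked.

```python
"""
Single-target-bus attack subgraph construction (Sec. III-A, steps 1-4) and the
union of Eq. (11), run on a constructed 7-bus graph.  Added example, not the
paper's code.  Bus 3 is assumed to be the only non-load bus (its injection is
known to the control center); every other bus carries load.
"""
from typing import Dict, FrozenSet, Set, Tuple

# Constructed toy network: undirected adjacency lists and the set of load buses.
ADJ: Dict[int, Set[int]] = {
    1: {2, 7}, 2: {1, 3}, 3: {2, 4, 6}, 4: {3, 5},
    5: {4}, 6: {3}, 7: {1},
}
LOAD_BUSES: FrozenSet[int] = frozenset({1, 2, 4, 5, 6, 7})


def boundary(sub: Set[int], adj: Dict[int, Set[int]]) -> Set[int]:
    """Buses of the subgraph that have at least one neighbour outside it.  Their
    states appear in measurements outside S, so (10) forces c_k = 0 there."""
    return {b for b in sub if any(n not in sub for n in adj[b])}


def attack_subgraph(adj, load_buses, k) -> Tuple[FrozenSet[int], FrozenSet[int]]:
    """Return (S_k, boundary of S_k) for target load bus k following steps 1)-4)."""
    if k not in load_buses:
        raise ValueError("target must be a load bus")
    s = {k} | set(adj[k])                          # steps 1) and 2)
    while True:
        bnd = boundary(s, adj)
        non_load_bnd = [b for b in bnd if b not in load_buses]
        if not non_load_bnd:                       # step 4): boundary is all load buses,
            return frozenset(s), frozenset(bnd)    # or S_k cannot grow (bnd is empty)
        for b in non_load_bnd:                     # step 3): absorb neighbours of a
            s |= set(adj[b])                       # non-load boundary bus


def union_subgraph(adj, load_buses, centre_buses) -> FrozenSet[int]:
    """S = union of S_k over the load buses k with c_k != 0, Eq. (11)."""
    s: Set[int] = set()
    for k in centre_buses:
        s |= attack_subgraph(adj, load_buses, k)[0]
    return frozenset(s)


def region_report(adj, load_buses):
    """|S_k| and sorted boundary for every load bus.  |S_k| is a proxy for the
    measurement set an attacker must control for that target (the resource that
    the sparsity constraint of Sec. IV bounds); the boundary lists the load buses
    whose injection measurements must change for the attack to stay unobservable."""
    rep = {}
    for k in sorted(load_buses):
        sub, bnd = attack_subgraph(adj, load_buses, k)
        rep[k] = (len(sub), sorted(bnd))
    return rep


if __name__ == "__main__":
    for k, (size, bnd) in region_report(ADJ, LOAD_BUSES).items():
        print(f"target bus {k}: |S_k| = {size}, bounded by load buses {bnd}")
    print("S for centre buses {2, 7}:", sorted(union_subgraph(ADJ, LOAD_BUSES, {2, 7})))
```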

B. DC attack 

Since (10) is non-linear and generally hard to solve, it is reasonable for the attacker to first consider a simplified DC attack. As [1] demonstrated, by knowing the system Jacobian matrix $H$, an attacker can construct an unobservable attack vector $a = Hc$ such that $z_i^{(a)} = z_i + a_i$. Thus, (10) becomes

$$
z_i^{(a)} = \begin{cases} z_i & \text{if } i \notin I_{SP} \\ z_i + H_{(i,:)}\, c & \text{if } i \in I_{SP} \end{cases} \qquad (12)
$$

where $I_P$ denotes the set of indices of active power measurements, $I_{SP} = I_S \cap I_P$, and $H_{(i,:)}$ denotes the $i$-th row of $H$.

Though a DC attack is easy to construct, it is not an unobservable attack for an AC state estimator. Without taking reactive power flow into account, a DC attack will be detected when $c$ is too large.
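Added example, not code from the paper: a toy DC state estimator on a constructed 3-bus ring that shows why the $\chi^2$ bad data test of Fig. 1 catches a gross meter error but not a measurement change of the form $a = Hc$ from (12), and an operator-side check of the implied per-bus load change between two SE runs, the quantity that constraint (18) of Sec. IV keeps small, which does flag the same change. Unit susceptances, $R = I$, bus 1 as the angle reference, the loads and the comparison against the previous interval's estimate are all assumptions.

```python
"""
Toy DC state estimation on a constructed 3-bus ring.  Added example, not the
paper's code.  It shows (1) a gross meter error raising the residual statistic
J of the bad data detector in Fig. 1, (2) a change of the form a = H c, Eq. (12),
leaving J unchanged while shifting the estimate by c, and (3) an operator-side
check on the implied per-bus load change, the quantity that Eq. (18) bounds.
Assumptions: unit susceptances, R = I, bus 1 is the angle reference, loads below.
"""

BRANCHES = [(1, 2), (2, 3), (1, 3)]   # constructed ring, all reactances 1 pu
N_BUS = 3
STATE_BUSES = [2, 3]                   # x = [theta_2, theta_3]; theta_1 = 0
P_LOAD = [0.0, 0.3, 0.6]               # P_L per bus (pu); bus 1 is the generator bus


def build_h():
    """H1 (injection rows) and H2 (flow rows) w.r.t. x, DC approximation."""
    ns = len(STATE_BUSES)
    h1 = [[0.0] * ns for _ in range(N_BUS)]
    h2 = []
    for i, j in BRANCHES:
        row = [0.0] * ns                      # flow i->j = theta_i - theta_j
        if i in STATE_BUSES:
            row[STATE_BUSES.index(i)] += 1.0
        if j in STATE_BUSES:
            row[STATE_BUSES.index(j)] -= 1.0
        h2.append(row)
        for k in range(ns):                   # injection_i += flow, injection_j -= flow
            h1[i - 1][k] += row[k]
            h1[j - 1][k] -= row[k]
    return h1, h2


def matvec(m, v):
    return [sum(a * b for a, b in zip(row, v)) for row in m]


def wls_estimate(h, z):
    """Closed-form least squares for the 2-state model, Eq. (2) with R = I."""
    a = b = d = g0 = g1 = 0.0
    for row, zi in zip(h, z):
        a += row[0] * row[0]
        b += row[0] * row[1]
        d += row[1] * row[1]
        g0 += row[0] * zi
        g1 += row[1] * zi
    det = a * d - b * b
    return [(d * g0 - b * g1) / det, (a * g1 - b * g0) / det]


def estimate(z):
    """Return (x_hat, J) with J = r^T r, the chi-square statistic of the detector."""
    h1, h2 = build_h()
    x_hat = wls_estimate(h1 + h2, z)
    r = [zi - hi for zi, hi in zip(z, matvec(h1 + h2, x_hat))]
    return x_hat, sum(ri * ri for ri in r)


def measurements(x):
    """Noise-free z = H x: three injections followed by three line flows."""
    h1, h2 = build_h()
    return matvec(h1 + h2, x)


def structured_change(c):
    """a = H c, the form of Eq. (12); used here only to exercise the detector."""
    return measurements(c)


def load_shift_flags(x_prev, x_now, p_load, ls):
    """Operator-side plausibility check between two SE runs: the implied injection
    change H1 (x_now - x_prev) at each load bus is compared with Ls * P_L, the
    budget that Eq. (18) gives an attacker.  Returns the flagged load buses."""
    h1, _ = build_h()
    delta = matvec(h1, [b - a for a, b in zip(x_prev, x_now)])
    return [k + 1 for k, (d, pl) in enumerate(zip(delta, p_load))
            if pl > 0 and abs(d) > ls * pl]


if __name__ == "__main__":
    x_true = [-0.4, -0.5]                     # injections [0.9, -0.3, -0.6] pu
    z = measurements(x_true)
    x0, j0 = estimate(z)
    print("clean      x_hat =", [round(v, 3) for v in x0], "J =", round(j0, 6))

    z_bad = list(z)
    z_bad[3] += 0.2                           # gross error on the 1-2 flow meter
    x1, j1 = estimate(z_bad)
    print("bad datum  x_hat =", [round(v, 3) for v in x1], "J =", round(j1, 6))

    c = [0.02, -0.02]                         # shift at the two load-bus states
    z_att = [zi + ai for zi, ai in zip(z, structured_change(c))]
    x2, j2 = estimate(z_att)
    print("a = H c    x_hat =", [round(v, 3) for v in x2], "J =", round(j2, 6))
    print("load-shift check, Ls = 15%: flagged buses", load_shift_flags(x0, x2, P_LOAD, 0.15))
```

The gross error yields $J \approx 0.033$ while the structured change yields $J = 0$ with the estimate moved exactly by $c$; only the per-bus load-change check, with $L_S = 15\%$, flags bus 2.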


C. AC attack 

From (10), in contrast to the DC attack, it seems that the attacker must know all the state values that appear in $h_i(\cdot)$, for all $i \in I_S$, to construct $\bar{z}_i$ precisely. However, this information is not available to the attacker. Thus, the attacker can use the following steps to construct $\bar{z}$:

1) The attacker first chooses the non-zero entries in $c$ only for the load buses. These non-zero entries correspond to the center buses of the attack subgraph.

2) Use the protocol in Sec. III-A and choose $S$ for the desired attack.

3) Given the measurements that are available to the attacker in $S$, perform local AC state estimation to find $\hat{x}$. The slack bus may be chosen arbitrarily among all load buses.

4) For all load buses $k$, set $\bar{x}_k = \hat{x}_k + c_k$.

5) Since the injection of non-load buses cannot be changed, the states of the non-load buses depend on the states of all the buses connected to them. Therefore, the attacker has the nodal balance equations for each non-load bus $k$ in $S$:

$$ P_k^{inj} = V_k \sum_{i \in \mathcal{N}_k} V_i \left( G_{ki} \cos\theta_{ki} + B_{ki} \sin\theta_{ki} \right) \qquad (13) $$

$$ Q_k^{inj} = V_k \sum_{i \in \mathcal{N}_k} V_i \left( G_{ki} \sin\theta_{ki} - B_{ki} \cos\theta_{ki} \right) \qquad (14) $$

where $G_{ki} + jB_{ki}$ is the $(k,i)$-th entry of the complex bus admittance matrix and $\theta_{ki} = \theta_k - \theta_i$ is the angle difference between bus $k$ and bus $i$. These equations can be solved by iterative methods such as the Newton-Raphson method.

6) With all the computed state information, the attacker can then compute the false measurements such that

$$
z_i^{(a)} = \begin{cases} z_i & \text{if } i \notin I_S \\ h_i(\bar{x}) & \text{if } i \in I_S. \end{cases} \qquad (15)
$$


IV. Optimization problem for the worst-case line overload attack

The aim of the unobservable attack is to maximize the physical line flow on a chosen line in the attack subgraph. However, the attacker, in general, has limited resources to change states; furthermore, the attacker would also like to design the attack to avoid detection by the various computing units in the EMS. This leads to a constrained optimization problem. Specifically, we model the two conflicting goals of the attacker as follows: the limited resource constraint is modeled by a sparsity constraint in which we limit the number of center buses at which states can be changed. The detectability constraint is modeled by limiting the cyber load shifts that result from the FDI attack, since a large deviation of the estimated load from normal operational values will be detected as an anomalous event by the operators. The sparsity constraint capturing the limited resources is modeled as an $\ell_0$-norm constraint. This is, in general, intractable, and therefore we relax it to an $\ell_1$-norm constraint. In addition to the two constraints, since the physical line flow is a consequence of the control center's generation re-dispatch, the attack optimization process has to include the OPF subsequent to state estimation as a sub-problem. The resulting problem is a bi-level optimization problem.

Generally, an optimal dispatch can be the result of different load patterns. As a result, there are numerous attack vectors that lead to the same physical line flow on the target line. Among these, the goal of the optimization is to choose the one with the smallest $\ell_1$-norm, and hence $\ell_0$-norm, to satisfy the limited resources constraint. This, in turn, requires a second term in the objective function with which we determine the sparsest attack vector among those giving the same maximal power flow on the target branch.

The attacker's influence over the system can be formulated as an optimization problem (with the attacker's objective) embedding a sub-problem (with the operator's objective). Similarly to the authors of [?], [?], we model the optimal attack problem as a bi-level optimization problem with the objective of maximizing the power flow on branch $l$ while changing as few states as possible:


$$
\begin{aligned}
&\underset{c}{\text{maximize}} \quad P_l - \gamma \|c\|_0 && (16)\\
&\text{subject to} \quad P = H_2(\theta^* - c) && (17)\\
&\qquad -L_S P_L \le H_1 c \le L_S P_L && (18)\\
&\qquad \|c\|_0 \le N_0 && (19)\\
&\qquad \{\theta^*, P_G^*, R^*\} = \arg\min_{\theta,\, P_G,\, R} \Big\{ \sum_{g=1}^{n_g} f_g(P_{G_g}) + \sum_{l=1}^{n_{br}} \psi_l(R_l) \Big\} && (20)\\
&\qquad\qquad P_G - H_1(\theta - c) - P_L = 0 \quad (\nu) && (21)\\
&\qquad\qquad -P^{\max} - R \le H_2 \theta \le P^{\max} + R \quad (\lambda^+, \lambda^-) && (22)\\
&\qquad\qquad P_G^{\min} \le P_G \le P_G^{\max} \quad (\alpha^+, \alpha^-) && (23)\\
&\qquad\qquad 0 \le R \quad (\beta) && (24)
\end{aligned}
$$

where the variables are:

$P$ is the $n_{br} \times 1$ vector of branch power flows;

$c$ is the $n_b \times 1$ attack vector;

$\theta$, $\theta^*$ are the $n_b \times 1$ state variable vector and the optimal state solved by DCOPF, respectively;

$P_G$, $P_G^*$ are the $n_g \times 1$ vectors of generation dispatch variables and the optimal generation dispatch solved by DCOPF, respectively;

$R$, $R^*$ are the $n_{br} \times 1$ vectors of line relaxation variables and the optimal line relaxation solved by DCOPF, respectively;

$\nu$ is the $n_b \times 1$ dual variable vector for all equality constraints in DCOPF;

$\lambda^+$, $\lambda^-$ are the $n_{br} \times 1$ dual variable vectors of the upper and lower thermal limits, respectively;

$\alpha^+$, $\alpha^-$ are the $n_g \times 1$ dual variable vectors of the upper and lower generator capacity bounds, respectively;

and the parameters are:

$L_S$ is the load shift factor;

$P_L$ is the $n_b \times 1$ vector of active load at each bus;

$N_0$ is the $\ell_0$-norm constraint integer;

$H_1$ is the $n_b \times n_b$ matrix of dependencies between power injection measurements and state variables;

$H_2$ is the $n_{br} \times n_b$ matrix of dependencies between power flow measurements and state variables;

$f_g$ is the cost function of the $g$-th generator;

$\psi_l$ is the penalty function for relaxing the $l$-th line;

$P^{\max}$ is the $n_{br} \times 1$ vector of line thermal limits;

$P_G^{\min}$, $P_G^{\max}$ are the $n_g \times 1$ vectors of lower and upper bounds on generator output, respectively;

$\gamma$ is the weight of the norm of the attack vector $c$.

We define the $\ell_0$-norm as the appropriate quantity summed over only the load buses. Thus, the $\ell_0$-norm $\|c\|_0$ of the attack vector $c$ is defined as

$$ \|c\|_0 = \sum_{k \in \mathcal{K}_{load}} \mathbb{1}(c_k \ne 0). \qquad (25) $$

Recall that the goal of the optimization is to maximize $P_l$ while finding the sparsest attack among all possible attack vectors. Because of the trade-off between the maximum power flow and the corresponding sparsest attack vector, the optimization objective is $P_l - \gamma \|c\|_0$. The weight $\gamma$ is chosen to be a small positive value such that in general it contributes minimally to the objective. Note that (17)–(19) are the attack-related constraints. The constraint (17) models the unobservability of the attack and the constraints (18)–(19) model the attacker's limited ability: the attacker can alter up to $N_0$ states (not necessarily all of them) and the resulting change in load is limited to $L_S P_L$. A standard DCOPF with a thermal limit relaxation penalty is modeled by (20)–(24). The penalty function in (20) ensures that the second-level OPF converges and thus that the first-level problem returns a solution.

Since (19) is a modified $\ell_0$-norm constraint, it is a complex non-linear constraint and generally non-convex. In this paper, we relax it to the corresponding $\ell_1$-norm constraint

$$ \|c\|_1 = \sum_{k \in \mathcal{K}_{load}} |c_k| \le N_1, \qquad (26) $$

where $N_1$ is non-negative. Since (26) is a non-linear constraint, we rewrite it as

$$ c_k - s_k \le 0, \qquad -c_k - s_k \le 0, \qquad \sum_{k \in \mathcal{K}_{load}} s_k \le N_1, \qquad (27) $$

where $s$ is a slack variable.

For the embedded OPF problem, the optimal solution can be found at the point that satisfies the KKT optimality conditions with zero duality gap, since it is a convex optimization problem [?]. We use this fact to replace the embedded DCOPF problem (20) with its KKT conditions below, along with (21)–(24):

$$ [\lambda^+; \lambda^-; \alpha^+; \alpha^-; \beta] \ge 0 \qquad (28) $$

$$ \mathrm{diag}([\lambda^+; \lambda^-]) \left( [H_2; -H_2]\, \theta^* - [I; I]\, (P^{\max} + R^*) \right) = 0 \qquad (29) $$

$$ \mathrm{diag}([\alpha^+; \alpha^-]) \left( [I; -I]\, P_G^* - [P_G^{\max}; -P_G^{\min}] \right) = 0 \qquad (30) $$

$$ -\mathrm{diag}(\beta)\, R^* = 0 \qquad (31) $$

$$
\begin{aligned}
&\nabla \Big( \sum_{g=1}^{n_g} f_g(P_{G_g}^*) + \sum_{l=1}^{n_{br}} \psi_l(R_l^*) \Big)
+ [\lambda^+; \lambda^-]^T \nabla \left( [H_2; -H_2]\, \theta^* - [I; I]\, (P^{\max} + R^*) \right) \\
&\quad + [\alpha^+; \alpha^-]^T \nabla \left( [I; -I]\, P_G^* - [P_G^{\max}; -P_G^{\min}] \right)
- \beta^T \nabla R^* + \nu^T \nabla \left[ P_G^* - H_1(\theta^* - c) - P_L \right] = 0 \qquad (32)
\end{aligned}
$$

where (29)–(31) are the complementary slackness conditions for constraints (22)–(24) and (32) is the partial gradient (stationarity) optimality condition. Though (29)–(31) are non-linear, they have a special structure. For instance, the $j$-th equation in (31) can be separated into two conditions associated with a binary variable $\delta_{\beta_j}$:

$$
\begin{cases} \beta_j \ge 0 \ \text{and}\ -R_j^* = 0, & \text{if } \delta_{\beta_j} = 0 \\ \beta_j = 0 \ \text{and}\ -R_j^* \le 0, & \text{if } \delta_{\beta_j} = 1. \end{cases} \qquad (33)
$$

In [?], a procedure is proposed to write (33) as a mixed-integer problem given as

$$ \delta_{\beta_j} \in \{1, 0\}, \qquad \beta_j \le C \delta_{\beta_j}, \qquad R_j^* \le C (1 - \delta_{\beta_j}). \qquad (34) $$

If $\delta_{\beta_j} = 0$, substituting (24) and (28) into (34) we have

$$ \delta_{\beta_j} = 0, \qquad 0 \le \beta_j \le 0, \qquad 0 \le R_j^* \le C. \qquad (35) $$

Thus, if $C$ is large enough not to affect the solution $R_j^*$, (35) is equivalent to the complementary slackness condition when the $j$-th constraint in (24) is not active. Similarly, if $\delta_{\beta_j} = 1$, substituting (24) and (28) into (34) we have

$$ \delta_{\beta_j} = 1, \qquad 0 \le \beta_j \le C, \qquad 0 \le R_j^* \le 0. \qquad (36) $$

Again, if $C$ is large enough not to affect the solution $\beta_j$, (36) is equivalent to the complementary slackness condition when the $j$-th constraint in (24) is active. Therefore, (34) is equivalent to (31).

Thus, the whole problem becomes the mixed-integer linear program

$$
\begin{aligned}
&\underset{c}{\text{maximize}} \quad P_l - \gamma \sum_{k \in \mathcal{K}_{load}} s_k \\
&\text{subject to} \quad (17)\text{–}(18),\ (21)\text{–}(24),\ (32) && (37)\\
&\qquad \delta_\lambda^{\pm} \in \{1, 0\}, \quad \lambda^{\pm} \le C \delta_\lambda^{\pm}, \quad \mp H_2 \theta^* + P^{\max} + R^* \le C (1 - \delta_\lambda^{\pm}) && (38)\\
&\qquad \delta_\alpha^{\pm} \in \{1, 0\}, \quad \alpha^{\pm} \le C \delta_\alpha^{\pm}, \quad P_G^{\max} - P_G^* \le C (1 - \delta_\alpha^{+}), \quad P_G^* - P_G^{\min} \le C (1 - \delta_\alpha^{-}) \\
&\qquad \delta_\beta \in \{1, 0\}, \quad \beta \le C \delta_\beta, \quad R^* \le C (1 - \delta_\beta) && (39)
\end{aligned}
$$

where $\delta_\lambda^{\pm}$, $\delta_\alpha^{\pm}$ and $\delta_\beta$ are binary variables and $C$ is a large constant.

Figure 3. Statistic summary of 38 attack scenarios for the omnipotent attacker with the non-congested system.


V. Simulation Results 


In this section, we run the optimization problem defined in Sec. IV on the IEEE RTS-24-bus system to find an optimal attack vector $c$. Subsequently, we use this attack vector $c$ to simulate the AC attack described in Sec. III-C and given by (15) against a non-linear system model involving AC state estimation and ACOPF. AC power flow, AC state estimation, and ACOPF are implemented with the MATPOWER toolbox in MATLAB. For the optimization problem, we use CPLEX as the solver.


A. Solution for the optimization problem 

We highlight results for two scenarios on the RTS-24-bus system: one with the original ratings and one with reduced ratings. The one with original ratings represents a system without congestion prior to the attack and the one with reduced ratings represents a congested system.

We define an attack as feasible if the resulting change in power flow is more than 1% of the power flow value prior to the attack. This distinguishes the cases with no or minor changes in the target branch power flow $P_l$ after the attack from those with large changes. We furthermore define a feasible attack to be successful if the target branch is overloaded after the attack. We choose $\gamma$ to be 1% of the original power flow value of the target branch.

Figs. 3 and 4 illustrate relevant statistics for the non-congested and congested systems, respectively, when the $N_1$ constraint is set to infinity. That is, the attacker has control over all measurements of the system and can change as many measurements as it wishes. The congested system is modeled with all branch ratings decreased by 50%. There are three subplots in both Figs. 3 and 4. Subplot (a) shows the maximal power flow on branch 10 (based on our observation, this is the attack with the maximal power flow, i.e., the worst-case attack); subplot (b) shows the average $\ell_0$-norm of the attack vector $c$ over all feasible cases; and subplot (c) shows the percentage of feasible and successful attacks.

Figure 4. Statistic summary of 38 attack scenarios for the omnipotent attacker with the congested system.

For both the non-congested and congested scenarios, we observe in Figs. 3(a) and 4(a) that the maximal power flow increases as the $L_S$ constraint relaxes. In Fig. 4(a), we observe a plateau for $L_S > 50\%$. It is due to the generator locations and capacity limitations and the fact that the line flow on branch 10 cannot be increased any more. From Figs. 3(b) and 4(b), as the $L_S$ constraint relaxes, it is easier to attack the system, since the average $\ell_0$-norm decreases and the attacker needs to change fewer bus states. This is because, for some cases, the maximal power saturates as the $L_S$ constraint relaxes; the attacker then effectively concentrates the change of loads on fewer buses with heavy loads and therefore changes fewer bus states. From Figs. 3(c) and 4(c), we observe that the attacker can find more feasible cases as the $L_S$ constraint relaxes. Even if the attacker has full control over the system meters, its influence over the system is strongly limited by the load shift constraint. For instance, from Fig. 3(c), when $L_S = 20\%$ the attacker cannot find any feasible attack, while it can find 12 feasible attacks when $L_S = 30\%$.

Comparing Figs. 3 and 4, the congested system is more vulnerable to our FDI attack. For the non-congested system, from Fig. 3(c), the attacker cannot generate any successful attack. On the other hand, in Fig. 4(c), the feasible and successful attack percentages increase as the $L_S$ constraint relaxes for the congested system. This is expected because the RTS-24-bus system has redundant transmission capacity for reliability reasons, and reducing all the line ratings proportionally creates a more stressed system. In conclusion, a congested system is naturally favored by the attacker. Thus, for the rest of the simulation, we only consider the congested system to illustrate the attack consequences.

Now we discuss the $\ell_1$-norm constraint. To understand the effect of the sparsity constraint, we fix the $L_S$ constraint and solve the proposed optimization problem for different $\ell_1$-norm constraints ($N_1$) and for all target branches. In Fig. 5, the maximal power flow on the target branch is plotted as a function of the $\ell_1$-norm constraint for a successful attack on target branch 17. The kink in Fig. 5 represents the point at which the attack is large enough to cause a different set of generators to be dispatched.

Fig. 6 illustrates the effect of the $\gamma$ term in the objective function of our optimization problem for target branch 17. There are three subplots illustrating the following as a function of the $\ell_1$-norm constraint $N_1$: (a) the maximal power flow, (b) the $\ell_1$-norm, and (c) the $\ell_0$-norm of the attack vector, respectively. In each subplot, we plot two curves, one with $\gamma$ set to zero and one with the chosen weight $\gamma$. Subplot (a) demonstrates that the $\gamma$ term does not decrease the resulting maximal power flow at all. Subplot (b) shows that once the maximal power flow saturates, introducing the $\gamma$ term causes the optimization problem to find the smallest attack vector in $\ell_1$-norm. This results in a stabilization of the $\ell_0$-norm, as shown in subplot (c), in contrast to the $\gamma = 0$ case.


B. Attack consequences for a non-linear model 

We now use the attack vector from the optimization problem to perform the AC attack described in Sec. III-C. If the attac keeps injecting false data, the attack as well as the overload on the branches will be sustained until the system configuration changes.

Figure 5. The maximal power flow vs. the $\ell_1$-norm constraint with different load shift tolerances at target branch 17 (bus 10–bus 12).

Figure 6. The $\ell_1$-norm and $\ell_0$-norm of the solved attack vector $c$ vs. the $\ell_1$-norm constraint ($N_1$) when the load shift ($L_S$) is limited to 30%; target branch 17 (bus 10–bus 12).

In this subsection, we assume a system with a complete set of measurements, i.e., both active and reactive power flows are measured at both ends of each branch and both active and reactive injections are measured at each load bus, which makes 186 measurements in total. The measurement error, as in (1), is assumed to have zero mean and variance $10^{-4}$. During the simulation, we assume the physical load is unchanged. Note that, to make the system congested, all branch ratings are decreased by 50%. However, because of the presence of reactive power, the convergence of ACOPF is not guaranteed. Thus, in order to compare the AC and DC attacks, certain branch ratings in ACOPF have to be relaxed manually. We solve the optimization problem for target branch 17 and $L_S = 30\%$. Fig. 7(a) compares the maximal power flow from the optimization problem (recall: DCOPF is used in the optimization problem) with the physical power flow (active and apparent power) in the non-linear system after the attack. In this scenario, the rating of branch 10 (bus 6–bus 10) is relaxed to 145 MVA. Note that in the absence of the attack, i.e., $N_1 = 0$, the AC and DC OPFs result in slightly different power flows; however, as the attack size is increased, the power flows closely track each other. In particular, the AC attack successfully overloads branch 17. Branches 12, 23, and 28 are also overloaded even though the attacker has not targeted them, as shown in Fig. 7(b). Since branches 23 and 28 are congested prior to the attack, once the generation is redispatched as a result of the attack, the power flow on these branches changes and in some cases leads to overloads. Branch 12, while not congested prior to the attack, suffers an overload because it lies in the path of power delivery to branch 17.

Figure 7. Attack simulation on AC system model. (a) Comparison of DC optimization solution and AC maximal active/apparent power flow on target branch 17.

VI. Conclusions and future work 

This paper analyzed the physical consequences of false data injection attacks on power system state estimation. An attack framework was introduced in which the attacker matches the non-linear AC system characteristics by applying local AC state estimation to a small number of measurements. Subsequently, a linear optimization problem was formulated to find the worst-case line overload attack. Numerical simulation was performed to test the resulting attacks on the IEEE RTS-24-bus system. We found that, aside from the size of the attack subgraph, the constraint that an attack not cause a significant observed load shift at the control center significantly limits the attacker's ability to overload a branch. Still, there exist attacks with mild load shift that cause overloads.

Extensions include attacks targeted to overload multiple lines; this was an inadvertent side effect of our attacks, but a more targeted effort may cause more extreme damage or even cascading outages. Secondly, the linear optimization problem may be extended to a more accurate non-linear problem. Finally, using accurate load statistics to detect abnormal load patterns caused by FDI attacks could further restrict the space of undetectable attacks.